Skip to content

Privacy Policy

1. Data Protection at a Glance

General Information

The following information provides a simple overview of what happens to your personal data when you visit this website. Personal data means any information that can be used to identify you personally. Detailed information on data protection can be found in the full privacy policy provided below.

Data Collection on This Website

Who is responsible for data collection on this website?

The data processing on this website is carried out by the website operator. The operator’s contact details can be found in the section “Information on the Data Controller” in this privacy policy.

How do we collect your data?

Your data is collected, for example, when you provide it to us via a contact form.

Other data is automatically collected, or collected with your consent, when you visit this website through our IT systems. This includes mainly technical data (e.g., browser, operating system, or time of access). This collection happens automatically as soon as you access this site.

What do we use your data for?

Some of the data is collected to ensure proper functionality of the website. Other data may be used to analyze user behavior. If contracts can be concluded or initiated via this website, the transmitted data will also be processed for contract offers, orders, or other business requests.

What rights do you have regarding your data?

You have the right to receive free information about the origin, recipients, and purpose of your stored personal data at any time. You also have the right to request rectification or deletion of this data. If you have given consent to data processing, you may withdraw it at any time. You also have the right to request restriction of processing under certain circumstances. Furthermore, you have the right to lodge a complaint with the relevant supervisory authority.

For this purpose, as well as for further questions regarding data protection, you may contact us at any time.

Analytics and Third-Party Tools

When you visit this website, your browsing behavior may be statistically analyzed. This is done mainly with analytics tools.

Detailed information on these analytics tools can be found in the following privacy policy.

2. Hosting

We host the content of our website with the following provider:

IONOS

Provider: IONOS SE, Elgendorfer Str. 57, 56410 Montabaur, Germany (hereinafter “IONOS”). When you visit our website, IONOS automatically collects various log files, including your IP address. Details can be found in IONOS’s privacy policy: https://www.ionos.de/terms-gtc/terms-privacy.

The use of IONOS is based on Art. 6 (1)(f) GDPR / UK GDPR. We have a legitimate interest in the most reliable possible presentation of our website. Where consent is requested, processing takes place exclusively on the basis of Art. 6 (1)(a) GDPR / UK GDPR and § 25 (1) TTDSG (Germany), insofar as the consent includes storage of cookies or access to device information. Consent can be withdrawn at any time.

Data Processing Agreement (DPA) with IONOS

We have concluded a Data Processing Agreement with IONOS. This legally required agreement ensures that IONOS processes personal data of our website visitors only in accordance with our instructions and in compliance with GDPR / UK GDPR.

3. General Information and Mandatory Disclosures

Data Protection

The operators of this website take the protection of your personal data very seriously. We treat your personal data confidentially and in accordance with statutory data protection regulations (GDPR, UK GDPR) and this privacy policy.

This privacy policy also takes into account the requirements of the Swiss Data Protection Act (nDSG), where applicable to users from Switzerland.

When you use this website, various personal data may be collected. Personal data refers to data that can identify you personally. This privacy policy explains what data we collect, how we use it, and for what purpose.

We would like to point out that data transmission over the Internet (e.g., email communication) can have security vulnerabilities. A complete protection of data from third-party access is not possible.

Information on the Data Controller

The data controller responsible for processing on this website is:

Thomas Aigner
Grillparzerstraße 29
81675 Munich, Germany

Phone: +49 (0) 170 53 65 468
Email: info@mitohnebitte.com

The controller is the natural or legal person who alone or jointly with others decides on the purposes and means of processing personal data (e.g., names, email addresses, etc.).

Storage Duration

Unless a more specific retention period is stated in this privacy policy, your personal data will remain with us until the purpose of processing no longer applies. If you request deletion or withdraw your consent, your data will be deleted unless we are legally required or permitted to retain it (e.g., for tax or commercial law retention periods).

Legal Basis for Data Processing

Where you have consented, we process personal data on the basis of Art. 6 (1)(a) GDPR / UK GDPR. If special categories of data are processed (Art. 9 GDPR), Art. 9 (2)(a) GDPR applies. If processing is necessary for contract fulfillment or pre-contractual measures, we process based on Art. 6 (1)(b) GDPR / UK GDPR. We also process personal data where required by law (Art. 6 (1)(c)) or based on our legitimate interest (Art. 6 (1)(f)).

Transfer of Data to Third Countries and the U.S.

We use tools provided by companies located in third countries that may not offer an equivalent level of data protection. When these tools are active, your data may be transferred to and processed in these countries. For transfers to the U.S., we rely on the EU–U.S. Data Privacy Framework (DPF), provided the provider is certified under the DPF.

Recipients of Personal Data

We only share personal data with third parties if required by law, for contract fulfillment, based on legitimate interests, or with your consent. For processors, data is shared only on the basis of a valid Data Processing Agreement.

Your Rights

You have the right to request access, rectification, deletion, restriction of processing, data portability, and to object to processing. You may withdraw consent at any time. You also have the right to lodge a complaint with a supervisory authority (EU / UK).

U.S. Visitors – Additional Notice

Our services are primarily targeted to the EU and UK. U.S. visitors may have additional rights under state laws, such as the California Consumer Privacy Act (CCPA/CPRA). These may include rights to access, delete, or opt-out of the sale/sharing of personal data. If you are a U.S. resident and wish to exercise such rights, please contact us at the details provided above.

4. Data Collection on This Website

Cookies

Our website uses “cookies.” Cookies are small data files that do not harm your device. They are either temporary (session cookies) or persistent (stored until you delete them). Session cookies are deleted automatically at the end of your visit. Persistent cookies remain until you delete them.

Cookies may be first-party (set by us) or third-party (set by external providers). Third-party cookies may enable services such as payment processing or analytics.

Cookies serve different purposes. Some are technically necessary (e.g., shopping cart functionality, video display). Others may be used for analytics or advertising.

Necessary cookies are stored based on Art. 6 (1)(f) GDPR / UK GDPR, unless another legal basis is specified. The website operator has a legitimate interest in the technically error-free and optimized provision of services. Where consent has been requested (e.g., analytics cookies), processing takes place solely on the basis of Art. 6 (1)(a) GDPR / UK GDPR and § 25 TTDSG. Consent can be withdrawn at any time.

You can configure your browser to notify you before setting cookies, allow cookies only in specific cases, block cookies, or automatically delete them when closing the browser. Disabling cookies may affect website functionality.

Currently, this website only sets cookies through the cookie consent tool “Real Cookie Banner” and – after your consent – cookies related to Google Analytics (GA4). No other cookies or tracking technologies are used.

Real Cookie Banner (Cookie Consent Plugin)

We use the plugin Real Cookie Banner to collect and manage cookie consents. Please note that this plugin may set cookies to store your preferences and control the execution of scripts based on your consent. Storage of your cookie preferences is based on your consent (Art. 6 (1)(a) GDPR / UK GDPR).

Polylang (Multilingual Plugin)

We use the Polylang plugin to provide our website in multiple languages. Polylang stores a cookie on your device to remember the selected language. This cookie is technically necessary and does not contain any personal data. The storage is based on Art. 6 (1)(f) GDPR / UK GDPR, as we have a legitimate interest in offering a user-friendly multilingual website.

Server Log Files

When visiting this website, certain information is automatically stored in server log files transmitted by your browser, such as:

  • Browser type and version
  • Operating system used
  • Referrer URL
  • Hostname of the accessing device
  • Time of server request
  • IP address (anonymized where technically possible)

Storage is based on Art. 6 (1)(f) GDPR / UK GDPR. We have a legitimate interest in reliable website presentation and protection against abuse or cyberattacks. Data is not merged with other data sources.

Contact by Email or Phone

If you contact us via email or phone, your inquiry and related personal data (e.g., name, request) are stored and processed for handling your request. We do not share this data without your consent.

Processing is based on Art. 6 (1)(b) GDPR / UK GDPR if your request relates to a contract or pre-contractual measures. In all other cases, processing is based on our legitimate interest in effectively handling requests (Art. 6 (1)(f)) or on your consent (Art. 6 (1)(a)), where applicable. Consent can be withdrawn at any time.

Contact Form

If you send us an inquiry via the contact form, the data you enter (including contact details) will be transmitted to us by email and stored for processing your request and follow-up questions. Data is not stored in a database.

Processing is based on Art. 6 (1)(b) GDPR / UK GDPR if your request relates to a contract or pre-contractual measures. In all other cases, processing is based on our legitimate interest (Art. 6 (1)(f)) or on your consent (Art. 6 (1)(a)), where applicable.

5. Analytics and Advertising

IONOS WebAnalytics

This website uses IONOS WebAnalytics. Provider: 1&1 IONOS SE, Elgendorfer Str. 57, 56410 Montabaur, Germany. Data analyzed may include: visitor numbers, behavior (e.g., pages viewed, duration), referrer, visitor location, and technical data. Specifically, IONOS stores:

  • Referrer (previously visited site)
  • Requested page or file
  • Browser type and version
  • Operating system used
  • Device type used
  • Access time
  • IP address (anonymized)

According to IONOS, data collection is fully anonymized and cannot be traced to individuals. No cookies are stored by IONOS WebAnalytics.

Storage and analysis are based on Art. 6 (1)(f) GDPR / UK GDPR. The operator has a legitimate interest in statistical analysis to optimize website and advertising.

Note: IONOS WebAnalytics is part of the hosting package and cannot be deactivated. Measurements are anonymized, and no personal references are made.

Google Tag Manager

We use the Google Tag Manager, a service provided by Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland.

Google Tag Manager is a tool that allows us to manage and implement various website tags (e.g., for Google Analytics and other Google services) centrally. The tool itself does not use cookies and does not store personal data. It only facilitates the transmission of data to the relevant services.

When the Google Tag Manager script is loaded, your IP address may be transferred to Google in the U.S. The use of Google Tag Manager is based on our legitimate interest in an efficient and organized management of our website tags (Art. 6 (1)(f) GDPR / UK GDPR).

If personal data is transferred to the U.S., the transfer is based on the EU–U.S. Data Privacy Framework (DPF), provided that Google is certified. For more information, please see Google’s Privacy Policy.

Google Analytics (GA4)

This website uses Google Analytics 4 (GA4), a service of Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland. GA4 uses cookies to analyze website usage, collecting anonymized IP addresses, browser type, referrer, pages visited, and time spent.

IP anonymization is enabled. This means your IP is shortened within the EU/EEA before transfer. We do not use Google Signals for cross-device tracking.

Processing is based on your consent under Art. 6 (1)(a) GDPR / UK GDPR and § 25 TTDSG. You can withdraw consent anytime via our cookie banner.

We have a Data Processing Agreement with Google. If data is transferred to the U.S., it is based on the EU–U.S. Data Privacy Framework (DPF), provided Google is certified. More information: Google Privacy Policy.

You can prevent Google Analytics from collecting data using this opt-out link: Deactivate Google Analytics.

6. Plugins and Tools

Google Fonts (Local Hosting)

This site uses Google Fonts locally. No connection to Google servers occurs. More info: Google Fonts FAQ.

Site Kit by Google

We use Site Kit by Google to integrate Google services into our WordPress dashboard. Site Kit uses Google Tag Manager for the technical implementation of these services. Currently, the following services are active:

  • Google Analytics (GA4) (see above).
  • Google Search Console to monitor visibility in Google Search (aggregated data only).

Use of Site Kit is based on Art. 6 (1)(a) GDPR / UK GDPR (if consented, e.g., GA4) or Art. 6 (1)(f) GDPR / UK GDPR in other cases. Transfers to the U.S. are covered by the DPF if Google is certified.

Solid Security Basic / SolidWP

We use Solid Security Basic (SolidWP) to protect our site against unauthorized access or cyberattacks. Failed login attempts are logged locally, and attacker IPs are blocked. No data is sent to SolidWP’s servers.

Use is based on Art. 6 (1)(f) GDPR / UK GDPR (legitimate interest in security).

Social Media Plugins

For privacy reasons, we do not use social media plugins. Links to social media platforms are implemented only as external links.